From c6093f9e568e358ce6fba19b22f79612019c98b3 Mon Sep 17 00:00:00 2001
From: Alexey Shabalin <shaba@altlinux.org>
Date: Fri, 21 Aug 2020 02:26:30 +0300
Subject: [PATCH] execute openvswitch as openvswitch user

---
 rhel/etc_logrotate.d_openvswitch                    | 2 +-
 rhel/etc_openvswitch_default.conf                   | 2 +-
 rhel/usr_lib_systemd_system_ovs-vswitchd.service.in | 1 +
 rhel/usr_lib_systemd_system_ovsdb-server.service    | 1 +
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/rhel/etc_logrotate.d_openvswitch b/rhel/etc_logrotate.d_openvswitch
index f4302ffbc..eaf1fd5bf 100644
--- a/rhel/etc_logrotate.d_openvswitch
+++ b/rhel/etc_logrotate.d_openvswitch
@@ -6,7 +6,7 @@
 # without warranty of any kind.
 
 /var/log/openvswitch/*.log {
-    su root root
+    su openvswitch openvswitch
     daily
     compress
     sharedscripts
diff --git a/rhel/etc_openvswitch_default.conf b/rhel/etc_openvswitch_default.conf
index c74417db6..569ca95de 100644
--- a/rhel/etc_openvswitch_default.conf
+++ b/rhel/etc_openvswitch_default.conf
@@ -2,4 +2,4 @@
 
 # The following is the *default* configuration for the openvswitch user ID.
 # This is for backward compatibility.
-OVS_USER_ID="root:root"
+OVS_USER_ID="openvswitch:openvswitch"
diff --git a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
index ff43dae96..d9f73983e 100644
--- a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
+++ b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
@@ -11,6 +11,7 @@ PartOf=openvswitch.service
 Type=forking
 PIDFile=/run/openvswitch/ovs-vswitchd.pid
 Restart=on-failure
+Environment=OVS_USER_ID=openvswitch:openvswitch
 Environment=XDG_RUNTIME_DIR=/run/openvswitch
 EnvironmentFile=/etc/openvswitch/default.conf
 EnvironmentFile=-/etc/sysconfig/openvswitch
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service
index 98338b9df..8f45d0108 100644
--- a/rhel/usr_lib_systemd_system_ovsdb-server.service
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.service
@@ -8,6 +8,7 @@ PartOf=openvswitch.service
 [Service]
 Type=forking
 PIDFile=/run/openvswitch/ovsdb-server.pid
+Environment=OVS_USER_ID=openvswitch:openvswitch
 Restart=on-failure
 EnvironmentFile=/etc/openvswitch/default.conf
 EnvironmentFile=-/etc/sysconfig/openvswitch
-- 
2.33.0